[Due for payment 2026-06-17] [Due for payment 2026-06-16] [Workspace Roles] Release 1: Auditor role — read-only access to card and reporting pages

[flodnv]

Part of the Workspace Roles project. Depends on Release 0 frontend and Release 1 navigation guards.

Goal: Give Auditors read access to card and reporting workspace pages (they can view but not act), consistently applying hasPolicyPermission guards throughout.

Expensify Card pages

• src/pages/workspace/expensifyCard/WorkspaceExpensifyCardPage.tsx and related sub-pages
• Auditors have FEATURE_ACCESS.READ for FEATURE.EXPENSIFY_CARD
• Show card list; hide "Assign card", "Configure settings", "Issue card" CTAs

Company Cards pages

• src/pages/workspace/companyCards/WorkspaceCompanyCardsPage.tsx and related sub-pages
• Same pattern: show list, hide mutation controls

Workflows page (src/pages/workspace/workflows/WorkspaceWorkflowsPage.tsx)

• Auditors have read on both FEATURE.WORKFLOWS_APPROVALS and FEATURE.WORKFLOWS_PAYMENTS
• Show the page; disable any toggle or edit control behind hasPolicyPermission(..., FEATURE_ACCESS.WRITE)

General guard helper

Extract or confirm a shared useHasPolicyPermission(feature, requiredAccess) hook / HOC if not already present from F-1, to avoid repeating lookup boilerplate across every page.

Issue Owner

Current Issue Owner: @Pujan92

[melvin-bot]

Triggered auto assignment to Design team member for new feature review - @shawnborton (NewFeature)

[flodnv]

Now that the first PR is merged, you can get started on this @ShridharGoel 😃